<?php
class control_bug extends core_action{
	
	public $params;
	
	function __construct(){
		$this->params['bug'] = 'tabOn';
	}
	
	function show(){
		$srvUser = new core_service_user(Qutil::deId($_COOKIE['uid']));
		if($srvUser->isLogin() === false) $this->redirict('user', 'login');
		$bid = Qutil::deId($_GET['bid']);
		$srvBug = new core_service_bug($bid);
		if($srvBug->get('user_id') != $srvUser->getId()){
			$this->showMsg('无权查看', 2, Qtpl::createUrl('index', 'index'));
		}
		$this->params['title'] = $srvBug->get('title');
		$this->params['bug'] = $srvBug->get();
		$model = new core_model_cate($srvBug->get('cate_id'));
		$this->params['bug']['cate_name'] = $model->getData('cate_name');
		$this->render('default/bug_show.php', $this->params);
	}
	function sub(){
		if(!$_COOKIE['uid']) $this->showMsg('请先登录在提交', 2, Qtpl::createUrl('user', 'login'));
		if($_POST){
			$post = Qutil::filter($_POST);
			$srvBug = new core_service_bug();
			$post['user_id'] = Qutil::deId($_COOKIE['uid']);
			$post['username'] = $_COOKIE['name'];
			if(!$post['title'] or !$post['content']){
				$this->showMsg('请填写标题和内容', -1, '', 1);
			}
			$post['cate_id'] = intval($post['cate_id']);
			if($post['cate_id'] <= 0) $this->showMsg('请选择类型', -1, '', 1);
			$post['level'] = intval($post['level']);
			if($post['level'] <= 0) $this->showMsg('请选择漏洞等级', -1, '', 1);
			$post['rank'] = intval($post['rank']);
			if($post['rank'] <= 0) $this->showMsg('请给漏洞一个评分', -1, '', 1);
			$post['files'] = '';
			if($this->formToken(2) === false){
				$this->showMsg('参数错误', -1, $this->formToken(), 1);
			}
			if($srvBug->create($post) === false){
				$this->showMsg('提交出错：'.$srvBug->getError(), -1, '', 1);
			}
			$this->showMsg('提交成功，请耐心等待我们确认。', 1, Qtpl::createUrl('user', 'bugs'), 1);
		}
		$cate = new core_model_cate();
		$this->params['token'] = $this->formToken();
		$this->params['cate'] = $cate->select(array('pid'=>0))->items;
		$this->params['title'] = '漏洞提交';
		$this->render('default/bug_sub.php', $this->params);
	}
}